ID: 41448 Updated by: [EMAIL PROTECTED] Reported By: whitephoenix at mail dot ru -Status: Feedback +Status: Bogus Bug Type: PCRE related Operating System: CentOS 4.3 64-Bit PHP Version: 5.2.2 New Comment:
The stack overflow in PCRE library has been reported numerous times to us, please search the database before reporting. The only thing we can do about it - limit the recursion using new INI options. The problem itself has nothing to do with PHP and should be reported to PCRE developers (but I'm sure they are well aware about it). Btw, I'm unable to reproduce it using PCRE 7.1 (though I don't believe there were any major updates to this issue, so this must be caused by my OS/system/build/etc.). Previous Comments: ------------------------------------------------------------------------ [2007-05-21 01:08:17] judas dot iscariote at gmail dot com PCRE crashes on match(), with either the bundled version or with latest 7.1. does not crash with 6.7. this is reproducible in both 32 and 64 bit here, so you dont need a 64 bit machine to get a backtrace ;-) ------------------------------------------------------------------------ [2007-05-20 10:19:06] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a backtrace to see what is happening behind the scenes. To find out how to generate a backtrace, please read http://bugs.php.net/bugs-generating-backtrace.php for *NIX and http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32 Once you have generated a backtrace, please submit it to this bug report and change the status back to "Open". Thank you for helping us make PHP better. I don't have access to a 64-bit machine, so I need the backtrace to take a look. ------------------------------------------------------------------------ [2007-05-20 08:22:49] whitephoenix at mail dot ru Description: ------------ The following source gives segfault on CentOS 4.3 64-Bit and PHP 5.2.2. Don't be scared, this regular expression is real parser for my templates-engine, and it works with other operation systems. The result depends on Subject, so with '$var' it works well, but if '$var[anything]' then crashes. Reproduce code: --------------- <?php echo 'proof of compilation'."\n"; preg_replace( '~(([\'"]).*?(?<!\\\\)\2|\w*\s*\(((?:(?R)|.)*?)\)' .'|[\$#]\w+#?(?:\\[(?:(?R)|((?:[^\\]\'"]*(?:([\'"]).*?(?<!\\\\)\5)?)*))*?\\]|\.[\$#]?\w+#?|->\s*[\$#]?\w+(?:\(((?:(?R)|.)*?)\))?)*' .'|-?\d+|(?<=^|[\s\)\:\.=+\-<>])(?:\w+)(?=$|[\s\|\.\:\(=+\-<>]))(\s+(?:is(?:\s+not)?\s+(?:odd|div|even)\s+by\s+-?\d+|is(?:\s+not)?\s+(?:odd|even)))?((?:\|@?\w+(?:\\:(?:'.'\w*\(((?:(?R)|.)*?)\)|[\$#]\w+#?(?:\\[(?:(?R)|((?:[^\\]\'"]*(?:([\'"]).*?(?<!\\\\)\11)?)*))*?\\]|\.[\$#]?\w+#?)*|[^\'"\:]*(?:[^\'"\:]*([\'"]).*?(?<!\\\\)\12[^\'"\:]*)*'.'))*)*)' .'|((?<=\s|\))(?:is\s+not|is|not\s+eq|eq|neq?|gt|lt|gt?e|ge|lt?e|mod)(?=\s|\()|(?:not\s+))' .'~si','any replacement','$var[index]'); Expected result: ---------------- "any replacement" Actual result: -------------- [EMAIL PROTECTED] _test]# php -q bug.php proof of compilation Segmentation fault ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=41448&edit=1
